Commit Graph

3649 Commits

Author SHA1 Message Date
andrew
e09a96d093 Mark the EFI PE header as allocated. While ld.bfd doesn't seem to care
about not having this flag ld.lld fails to link without it.

Sponsored by:	DARPA, AFRL
2017-03-17 13:31:24 +00:00
tsoome
1553321dc0 loader: biosdisk should report IO error from INT13
We should be more verbose about read errors from biosdisk, except filter
out the floppy controller errors, which apparently are resulting from
read attempt from device without the media present.

Reviewed by:	allanjude
Approved by:	allanjude (mentor)
Differential Revision:	https://reviews.freebsd.org/D10032
2017-03-16 21:34:14 +00:00
tsoome
265ec06d97 loader: remove open_disk cache
As we provide the disk size verification and correction via disk_ioctl
and disk state provided by disk_open(), we can not share the partition
state in disk_devdesc structure. Also the sharing does make a lot of sense
with ufs, as only one partition is open at any given time, but zfs pools
do keep the disk devices open.

To make sure we do get the correct information about the open device,
just remove the cache.

Reviewed by:	allanjude, smh
Approved by:	allanjude (mentor)
Differential Revision:	https://reviews.freebsd.org/D9757
2017-03-16 12:04:43 +00:00
tsoome
69ec1e5fdf boot1.efi: can't boot from ZFS on 4kn HDD
The boot1.efi immediate issue from PR216964 is that we are reading into
too small buffer, from UEFI spec 2.6:

The size of the Buffer in bytes. This must be a multiple of the intrinsic block size of the device.

The secondary issue is that LBA calculation does not check reminder from
division.

This fix does check the provided buffer size and if we read less than
media sector size or the read offset is not aligned to sector boundary,
we allocate bounce buffer and perform the read by single sector.

PR:		216964
Reported by:	Sergey Kozlov
Reviewed by:	allanjude, Sergey Kozlov
Approved by:	allanjude (mentor)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D9870
2017-03-15 19:48:22 +00:00
dexuan
9258483bf2 loader.efi: use stricter check for Hyper-V
Some other hypervisors like Xen can pretend to be Hyper-V but obviously
they can't implement all Hyper-V features. Let's make sure we're genuine
Hyper-V here.

Also fix some minor coding style issues.

PR:		211746
MFC after:	2 weeks
Sponsored by:	Microsoft
2017-03-14 08:12:14 +00:00
gonzo
6dcb0108b7 [loader][fdt] Fix applying overlays without __local_fixups__ node
Do not return error if __local_fixups__ node is missing in DTB overlay
because local fixup data is optional.

Reported by:	Manuel Stuhn
MFC after:	1 week
2017-03-10 19:15:57 +00:00
sbruno
27effb9314 r314948 seems to be missing a variable or two that will break
TFTP/MFSRoot booting via PXE.  For the TFTP_LOADER case, go ahead and
fire off the old bootp() request to ensure that whatever is missing is
populated.

Sponsored by:	Limelight Networks
2017-03-10 17:14:08 +00:00
dexuan
729338e7b5 loader.efi: only include the machine/ header files on x86
The 2 files may not exist on other archs like aarch64 and hence we
can have a build failure there.

Reported by:	lwhsu
MFC after:	2 weeks
Sponsored by:	Microsoft
2017-03-09 15:44:25 +00:00
dexuan
de5c1722f5 loader.efi: only reduce the size of the staging area on Hyper-V
Doing this on physical hosts turns out to be problematic, e.g. see comment
24 and 28 in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211746.

To fix the real underlying issue correctly & thoroughly, IMO we need
a relocatable kernel, but that would require a lot of complicated long
term work:  https://reviews.freebsd.org/D9686?id=25414#inline-56969

For now, let's only apply efi_verify_staging_size() to VMs running on
Hyper-V, and restore the old behavior on physical machines since that
has been working for people for a long period of time, though that's
potentially unsafe...

MFC after:	2 weeks
Sponsored by:	Microsoft
2017-03-09 12:09:07 +00:00
oshogbo
b5f6adf5d4 Try to extract the RFC1048 data from PXE. If we get enough info we can skip
the bootp(). It removes unnecessary DHCP request from pxeloader.

Submitted by:	kczekirda
Sponsored by:	Oktawave
Initiated by:	Matthew Dillon
Reviewed by:	smh, gnn, bapt, oshogbo
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D9847
2017-03-09 06:01:24 +00:00
oshogbo
81c3988f8a Some style(9) fixes. No functional changes.
Submitted by:	kczekirda
Sponsored by:	Oktawave
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D9395
2017-03-09 05:13:07 +00:00
imp
c993c1b8eb Share UCS2/UTF8 routines between boot loader and userland.
Move the UCS2 to UTF8 routines over into sys/boot/efi and have
libefivar grab them from there.

Sponsored by: Netflix
2017-03-09 00:24:01 +00:00
mmel
d968677217 Match JETSON-TK1 FreeBSD specific DTS stub with r314854. 2017-03-08 07:23:15 +00:00
dexuan
0e7e2c6202 loader.efi: finally fix the off-by-one bug in efi_verify_staging_size()
r314828(loader.efi: fix an off-by-one bug in efi_verify_staging_size())
doesn't really fix the bug and this patch adds the missing part.

It's a shame that I didn't make everything correct at the very beginning...

MFC after:	2 weeks
Sponsored by:	Microsoft
2017-03-08 02:50:29 +00:00
cem
ec4f9c7157 ufsread: Use appropriate UFS_MAXNAMLEN constant
A follow-up to r313475.

Submitted by:	Gaurav Gangalwar <Gaurav.Gangalwar at emc.com>
Sponsored by:	Dell EMC Isilon
2017-03-07 21:40:01 +00:00
manu
068f3be6db Update our Allwinner DTS to latest DTS changes in Linux 4.10 2017-03-07 13:59:30 +00:00
dexuan
d5437e63a6 loader.efi: fix an off-by-one bug in efi_verify_staging_size()
Also remove the warning message: it may not be unusual to see
the memory range containing 2MB is not of EfiConventionalMemory.

MFC after:	2 weeks2 weeks
Sponsored by:	Microsoft
2017-03-07 03:35:50 +00:00
dexuan
f61d2c2879 loader.efi: fix recent UEFI-boot regression on physical machines
This patch fixes my recent patch
"loader.efi: reduce the size of the staging area if necessary", which
causes EFI-boot failure on physical machines since Mar 2:
on the host there is a 1MB LoaderData memory range, which splits
the big Conventional Memory range into a small one (15MB) and a
big one: the small one is too small to hold the staging area.

We can actually use the LoaderData range safely, because when
amd64_tramp -> efi_copy_finish() starts to run, we're almost at
the very end of the efi loader code and we're going to "return"
to the kernel entry, so we're pretty sure we won't access any loader
data any more.

For people who are interested in the details: please see
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211746#c22

PS, some people also reported the regression happened to FreeBSD VM
running on Bhyve in EFI mode. This patch should resolve it too,
though I don't have such a setup to test.

Reviewed by:	sephe
Approved by:	sephe (mentor)
MFC after:	2 weeks
Sponsored by:	Microsoft
Differential Revision:	https://reviews.freebsd.org/D9904
2017-03-06 09:34:31 +00:00
dexuan
55d5acd163 loader.efi: reduce the size of the staging area if necessary
The loader assumes physical memory in [2MB, 2MB + EFI_STAGING_SIZE)
is Conventional Memory, but actually it may not, e.g. in the case
of Hyper-V Generation-2 VM (i.e. UEFI VM) running on Windows
Server 2012 R2 host, there is a BootServiceData memory block at
the address 47.449MB and the memory is not writable.

Without the patch, the loader will crash in efi_copy_finish():
see PR 211746.

The patch verifies the end of the staging area, and reduces its
size if necessary. This way, the loader will not try to write into
the BootServiceData memory any longer.

Thank Marcel Moolenaar for helping me on this issue!

The patch also allocates the staging area in the first 1GB memory.
See the comment in the patch for this.

PR:		211746
Reviewed by:	marcel, kib, sephe
Approved by:	sephe (mentor)
MFC after:	2 weeks
Sponsored by:	Microsoft
Differential Revision:	https://reviews.freebsd.org/D9686
2017-03-02 07:25:50 +00:00
pfg
10eed1ae8d Split the ficl CFLAGS when they refer to an arch-specific include path.
This is a minimal attempt to keep consistency in the Makefiles so that
moving ficl to somwehere like contrib will be less error prone.

MFC after:	1 week
2017-03-01 19:36:32 +00:00
tsoome
d41d1f4113 loader: r314112 did introduce dereference freed pointer entry
CID: 1371675
Reported by:	Coverity
Reviewed by:	jhb, allanjude
Approved by:	allanjude (mentor)
Differential Revision:	https://reviews.freebsd.org/D9846
2017-03-01 19:02:43 +00:00
br
68d840d99d Set USB OTG mode to host (missed in vendor DTS for some reason).
Sponsored by:	DARPA, AFRL
2017-03-01 10:55:12 +00:00
imp
7e6cabd06e Renumber copyright clause 4
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.

Submitted by:	Jan Schaumann <jschauma@stevens.edu>
Pull Request:	https://github.com/freebsd/freebsd/pull/96
2017-02-28 23:42:47 +00:00
br
253ac85dd6 Add support for Intel Arria 10 SoC Development Kit.
Use standard DTS files for SOCKIT and SOCDK.

Sponsored by:	DARPA, AFRL
2017-02-28 14:02:16 +00:00
glebius
745bcd6fba Remove SVR4 (System V Release 4) binary compatibility support.
UNIX System V Release 4 is operating system released in 1988. It ceased
to exist in early 2000-s.
2017-02-28 05:14:42 +00:00
oshogbo
894e6fa7eb Remove unused macro from common/drv.c.
When we was compering it to code from boot2 it also looks like
this code is buggy and boot2 was never updated to use this code.
USE_XREAD flag is unused in boot2, and common/drv.c was never
build with that flag.

Reviewed by:	jhb
Differential Revision:	https://reviews.freebsd.org/D9780
2017-02-25 18:14:32 +00:00
allanjude
fcca3eb1af Remove control+r handling from geliboot's pwgets()
pwgets() is based on ngets() from libstand, which includes a feature
that is not wanted in a very of the function designed for password
handling.

Pressing control+r echos out the entered string

This commit removes that feature from pwgets()

PR:		217298
Reported by:	ehaupt
Reviewed by:	kristof, tsoome, ehaupt
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D9782
2017-02-24 16:52:57 +00:00
jhb
4c2925c4fd Use LDFLAGS with CC instead of _LDFLAGS.
This is a followup to r311458.  _LDFLAGS is for use with LD, whereas
LDFLAGS is for use with CC.
2017-02-22 23:58:54 +00:00
tsoome
b2b5986a97 loader: update symlink support in zfs reader
As the current zfs file system is providing symlink via system attributes, need
to update the code accordingly.

Note, as the zfsboot code does not free the memory at this time, the
object list will put some stress on the boot2 heap, eventually we should
address the issue.

Reviewed by:	allanjude, smh
Approved by:	allanjude (mentor)
Differential Revision:	https://reviews.freebsd.org/D9706
2017-02-22 22:00:50 +00:00
pfg
077418d939 sys: Replace zero with NULL for pointers.
Found with:	devel/coccinelle
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D9694
2017-02-22 02:35:59 +00:00
allanjude
8557f8f2df improve PBKDF2 performance
The PBKDF2 in sys/geom/eli/pkcs5v2.c is around half the speed it could be

GELI's PBKDF2 uses a simple benchmark to determine a number of iterations
that will takes approximately 2 seconds. The security provided is actually
half what is expected, because an attacker could use the optimized
algorithm to brute force the key in half the expected time.

With this change, all newly generated GELI keys will be approximately 2x
as strong. Previously generated keys will talk half as long to calculate,
resulting in faster mounting of encrypted volumes. Users may choose to
rekey, to generate a new key with the larger default number of iterations
using the geli(8) setkey command.

Security of existing data is not compromised, as ~1 second per brute force
attempt is still a very high threshold.

PR:		202365
Original Research:	https://jbp.io/2015/08/11/pbkdf2-performance-matters/
Submitted by:	Joe Pixton <jpixton@gmail.com> (Original Version), jmg (Later Version)
Reviewed by:	ed, pjd, delphij
Approved by:	secteam, pjd (maintainer)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D8236
2017-02-19 19:30:31 +00:00
emaste
8e79b56e85 prefix UFS symbols with UFS_ to reduce namespace pollution
Specifically:
  ROOTINO -> UFS_ROOTINO
  WINO -> UFS_WINO
  NXADDR -> UFS_NXADDR
  NDADDR -> UFS_NDADDR
  NIADDR -> UFS_NIADDR
  MAXSYMLINKLEN_UFS[12] -> UFS[12]_MAXSYMLINKLEN (for consistency)

Also prefix ext2's and nandfs's NDADDR and NIADDR with EXT2_ and NANDFS_

Reviewed by:	kib, mckusick
Obtained from:	NetBSD
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D9536
2017-02-15 19:50:26 +00:00
tsoome
14b5a751c1 loader: cstyle fixes and DIOCGMEDIASIZE should use uint64_t
Cleaned up some spaces where tabs should be.
efipart_ioctl() DIOCGMEDIASIZE needs to use uint64_t, not off_t

Reviewed by:	allanjude
Approved by:	allanjude (mentor)
Differential Revision:	https://reviews.freebsd.org/D9562
2017-02-13 21:33:50 +00:00
tsoome
bc4cd9bd85 loader: implement MEDIA_FILEPATH_DP support in efipart
The efipart rework did break the ARM systems as the new code is
using more exact filters to sort the devices and we need to
add support for MEDIA_FILEPATH_DP device paths.

PR:		216940
Reported by:	karl@denninger.net
Reviewed by:	allanjude, manu
Approved by:	allanjude (mentor)
Differential Revision:	https://reviews.freebsd.org/D9520
2017-02-11 15:25:49 +00:00
emaste
249f867868 Remove sys/boot/pc98 accidentally restored in r313575
Reported by:	rpokala
2017-02-11 02:45:54 +00:00
emaste
955b6cfdd0 makefs: make the buffer functions look exactly like the kernel ones
From NetBSD christos Sat Jan 26 00:19:39 2013 +0000

make the buffer functions look exactly like the kernel ones and add other
cruft to make the kernel files compile.

ffs.c 1.54
ffs/buf.c 1.13
ffs/buf.h 1.3
ffs/ffs_alloc.c 1.21
ffs/ffs_balloc.c 1.15

Reviewed by:	marcel, ngie
Obtained from:	NetBSD
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D8404
2017-02-11 02:33:48 +00:00
tsoome
099d15f298 loader: possible NULL pointer dereference in bcache.c
Coverity detected the possible NULL pointer dereference case.
Also updated comment as was suggested in illumos review.

CID:		1371008
Reported by:	Coverity
Reviewed by:	allanjude
Approved by:	allanjude (mentor)
Differential Revision:	https://reviews.freebsd.org/D9496
2017-02-08 18:32:53 +00:00
tsoome
d9cd65922e loader: possible NULL pointer dereference in efipart.c
Fix bugs found by Coverity in efipart.c.

The Issue is that efi_devpath_last_node() can return NULL pointer, and
therefore we should check for it. In real life we really do not
expect to see it to happen, so we will just error out from the test.

CID:		1371004
Reported by:	Coverity
Reviewed by:	allanjude
Approved by:	allanjude (mentor)
Differential Revision:	https://reviews.freebsd.org/D9490
2017-02-08 15:52:09 +00:00
manu
8966cdb0ee efipart is also using the '%S' printf format, add -Wno-format for it.
This fix building for armv6.
2017-02-07 15:16:01 +00:00
tsoome
e1e0fb6574 loader: disk io should not use alloca()
The alloca() does give us pointer and we have no practical way to check if the
area is actually available, resulting in corruption in corner cases.

Unfortunately we do not have too many options right now, but to use one page.

Reviewed by:	allanjude
Approved by:	allanjude (mentor)
Differential Revision:	https://reviews.freebsd.org/D9455
2017-02-06 18:44:15 +00:00
tsoome
e988b9cc04 loader: biosdisk fix for 2+TB disks
This fix is implementing partition based boundary check for
disk IO and updates disk mediasize (if needed), based on information
from partition table.

As it appeared, the signed int based approach still has corner cases,
and the wrapover based behavior is non-standard.

The idea for this fix is based on two assumptions:

The bug about media size is hitting large (2+TB) disks, lesser disks
hopefully, are not affected.

Large disks are using GPT (which does include information about disk size).
Since our concern is about boot support and boot disks are partitioned,
implementing partition boundaries based IO verification should make the
media size issues mostly disappear.

However, for large disk case, we do have the disk size available from GPT table.
If non-GPT cases will appear, we still can make approximate calculation about
disk size based on defined partition(s), however, this is not the objective
of this patch, and can be added later if there is any need.

This patch does implement disk media size adjustment (if needed) in bd_open(),
and boundary check in bd_realstrategy().

Reviewed by:	allanjude
Approved by:	allanjude (mentor)
Differential Revision:	https://reviews.freebsd.org/D8595
2017-02-06 18:29:43 +00:00
tsoome
eff37e003c loader: 313329 missed ZFS guard in loader/main.c
Missing guard added.

Reviewed by:	imp, allanjude
Approved by:	imp (mentor), allanjude (mentor)
Differential Revision:	https://reviews.freebsd.org/D9458
2017-02-06 10:57:54 +00:00
tsoome
8737efce95 loader: Replace EFI part devices.
Rewrite EFI part device interface to present disk devices in more
user friendly way.

We keep list of three types of devices: floppy, cd and disk, the
visible names: fdX: cdX: and diskX:

Use common/disk.c and common/part.c interfaces to manage the
partitioning.

The lsdev -l will additionally list the device path.

Reviewed by:	imp, allanjude
Approved by:	imp (mentor), allanjude (mentor)
Differential Revision:	https://reviews.freebsd.org/D8581
2017-02-06 09:18:47 +00:00
tsoome
6e818b85ef loader: bcache read ahead block count should take account the large sectors
The loader bcache is implementing simple read-ahead to boost the cache.
The bcache is built based on 512B block sizes, and the read ahead is attempting
to read number of cache blocks, based on amount of the free bcache space.

However, there are devices using larger sector sizes than 512B, most obviously
the CD media is based on 2k sectors. This means the read-ahead can not be just
random number of blocks, but we should use value suitable also for use with
larger sectors, as for example, with CD devices, we should read multiple of 2KB.
Since the sector size from disk interface is not too reliable, i guess we can
just use "good enough" value, so the implementation is rounding down the read
ahead block count to be multiple of 16.

This means we have covered sector sizes to 8k.

In addition, the update does implement the end of cache marker, to help to
detect the possible memory corruption - I have not seen it happening so far,
but it does not hurt to have the detection mechanism in place.

Reviewed by:	allanjude
Approved by:	allanjude (mentor)
Differential Revision:	https://reviews.freebsd.org/D9179
2017-02-06 08:58:40 +00:00
tsoome
323b515407 loader: Implement disk_ioctl() to support DIOCGSECTORSIZE and DIOCGMEDIASIZE.
Need interface to extract information about disk abstraction,
to read disk or partition size depending on the provided argument
and adjust disk size based on information in partition table.

The disk handle from disk_open() has d_offset field to point to
partition start. So we can use this fact to return either whole disk
size or partition size. For this we only need to record partition size
we get from disk_open() anyhow.

In addition, this will also make it possible to adjust the disk media size
based on information from partition table. The problem with disk size is
about some BIOS systems reporting bogus disk size for 2+TB disks, but
since such disks are using GPT partitioning, and GPT does have information
about disk size (alternate LBA + 1), we can use this fact to record disk
size based on partition table.

This patch does exactly this: implements DIOCGSECTORSIZE and DIOCGMEDIASIZE
ioctl, and DIOCGMEDIASIZE will report either disk media size or partition size.

Adds ptable_getsize() call to read partition size in bytes from ptable pointer.
Updates disk_open() to use ptable_getsize() to update mediasize value.

Implements GPT detection function to update ptable size (used by
ptable_getsize()) according to alternate lba (which is location of backup copy
of GPT header table).

Reviewed by:	allanjude
Approved by:	allanjude (mentor)
Differential Revision:	https://reviews.freebsd.org/D8594
2017-02-06 08:26:45 +00:00
tsoome
4de64fdcd8 loader: libefi/env.c warnings in arm build
The arm build has revealed some of the warnings, the fix for CHAR16
warning is to switch the warning off for env.c (same as for efinet.c).

For error code we need to use macro.

Reported by:	gjb
Reviewed by:	imp
Approved by:	imp (mentor)
Differential Revision:	https://reviews.freebsd.org/D9422
2017-02-03 16:39:10 +00:00
tsoome
e6945f7ee6 loader: disk/part api needs to use uint64_t offsets
The disk_* and part_* api is using 64bit values for media size and
offsets. However, the current api is using off_t type, which is signed
64-bit int.

In this context the signed media size does not make any sense, and
the offsets are used to mark absolute, not relative locations.

Also, the data from GPT partition table and some other sources is
already using uint64_t data type, so using signed off_t can cause sign
issues.

Reviewed by:	imp
Approved by:	imp (mentor)
Differential Revision:	https://reviews.freebsd.org/D8710
2017-02-01 20:10:56 +00:00
tsoome
040b327347 loader.efi environment related cleanups
Since we have dedicated libefi/env.c file for variable support, the following
changes are done:

Simple cstyle changes in env.c
Moved efi variable related commands from loader/main.c to libefi/env.c
Did create function to set "efi-version" environment variable in env.c.

This function does serve two purposes: for first a  small clean up of the
loader main(), and for second, it does replace the otherwise unused
efi_variable_support hack.
A bit of cleanup of ficl backend functions. The TEST_MAIN has no meaning,
and removed few memory leaks.

The forth code is updated to use "efi-version" variable, instead of ficl
environment check.

Reviewed by:	imp
Approved by:	imp (mentor)
Differential Revision:	https://reviews.freebsd.org/D9165
2017-02-01 08:46:59 +00:00
jmcneill
3a3544201e Add missing ephy bus gates and resets. 2017-01-31 14:36:06 +00:00
brooks
2eb615a640 Remove "-Xassembler -G0" from CFLAGS.
-G0 is sufficent except on old version of clang (<3.8) and such versions
are unlikely to be generally useful on mips64.

Reported by:	sbruno
Sponsored by:	DARPA, AFRL
2017-01-29 11:52:36 +00:00